Protection from unauthorized access
6.6.5 Configuring MAC ACLs
Example: MAC ACL
Filtering AppleTalk and IPX from the entire network.
enable
configure
mac access-list extended
ipx-apple
deny any any ipx
deny any any appletalk
permit any any
exit
mac access-group ipx-apple
in
exit
show mac access-lists
MAC ACL Name
------------------------------- ----- --------- ------------------
ipx-apple
1,2/2,2/3,2/4,3/1,3/2
show access-lists interface
1/1 in
ACL Type
-------- ------------------------------- ---------------
MAC
ipx-apple
Basic - L3P
Release 4.0 11/07
Switch to the Priviledged EXEC mode.
Switch to the Configuration mode.
Create the extended ACL "ipx-apple".
Add the rule "deny IPX" to the list.
Add the rule "deny AppleTalk" to the list.
Add the rule "permit all other data" to the list.
Switch to the Configuration mode.
Attach the ACL "ipx-apple" to all interfaces.
Switch to the Priviledged EXEC mode.
Display the ACLs.
Rules Direction
3
inbound 1/1,1/2,1/3,1/4,2/
Display the ACLs of interface 1.1.
ACL ID
6.6 Access Control Lists (ACL).
Sequence Number
1
Interface(s)
23